<- Back to Home
Distribution via compromised FTP servers
Prior to the development of modern peer-to-peer sharing systems and home broadband service, sharing warez sometimes involved warez groups scanning the Internet for weakly secured computer systems with high-speed connections. These weakly secured systems would be compromised by exploiting the poor FTP security, creating a special directory on the server with an unassuming name to contain the illegal content
A common mistake of early FTP administrators was to permit a directory named /incoming that allows full read and write access by external users, but the files themselves in /incoming were hidden. By creating a directory inside /incoming, this hidden directory would then allow normal file viewing. Users of the compromised site would be directed to login and go to a location such as /incoming/data/warez to find the warez content. Messages could be left for other warez users by uploading a plain text file with the message inside.
These hackers would also use known software bugs to illicitly gain full administrative remote control over a computer, and install a hidden FTP service to host their warez. This FTP service was usually running on an unusual port number, or with a non-anonymous login name like "login: warez / Password: warez" to help prevent discovery by legitimate users. Information about this compromised system would then be distributed to a select group of people who were part of the warez scene.
It was important for warez group members to regulate who had access to these compromised FTP servers, to keep the network bandwidth usage low. A site that suddenly became very popular would be noticed by the real owners of the equipment due to their business systems having become slow or low on disk space, resulting in an investigation of system usage which inevitably results in discovery and removal of the warez, and tightening of the site security.